Ask Mr. Security Answer Person with John Pescatore

December 19, 2014

Submit your questions to: [email protected]

This week Richard Stern from Minnesota asks: 

Q: “We are looking to determine and reduce our potential exposure but are trying to figure out whether threat intelligence or security analytics will provide us the information we need. Is there really much of a difference between them, if so what is it and which one will give us more bang for our buck?” 

To give you a meaningful answer, Mr. Stern, I'm going to have to skew old a bit and reminisce about a Steve Martin comedy routine from the 1970s. He did a bit on how he wanted a better sound when he was playing records on his old stereo system. He went milliphonic (1000 speakers), still sounded crappy. He finally went "guglaphonic -- the highest number of speakers before infinity" -- but no improvement.

December 3, 2014

This week David Rosenberg from New York City asks: 

“What are some immediate steps our enterprise (we have 1,200 employees) can take to discover if we are targeted by Regin malware? How concerned should we be?”

Well, David, I'll give you a few thoughts specifically on Regin in a bit. Let me first give you some pushback.

Each week I’m sure your local newspaper has a list of robberies in your area, as well as articles containing the names of burglars and bank robbers that were arrested or convicted in your area. Each week do you wonder if you should be concerned about your house being broken into? I hope you wouldn’t look for different strategies for burglar A one week, Peeping Tom B the next and car thief C after that etc.

August 18, 2014

“Can I trust my networking gear? I have heard a lot about NSA backdoors in Cisco and Juniper routers and firewalls. How can I tell if my networking gear has not been compromised?”

Well, Mr. Davis – I don’t know about you, but I was not a fan of the Harry Potter books or movies. All those wizards with all those powers and not one of them had cured the common cold or developed a telephone system so when you reached the wrong extension at a company the person didn’t have to say “I’ll try to transfer you, but if I lose you, here is the correct extension…” – let alone solved any cybersecurity problems. They seemed too busy playing polo on flying brooms and sending messages via owls, if you ask me.

June 16, 2014

This week Seth Jones from Milwaukee asks: 

“Why should I worry about BYOD? It is great not to have to buy my employees cell phones.”

Shame on you, Mr. Jones – not to get all Biblical on you, but have you never heard the ancient proverb “It is better to give than receive?” By providing your employees with smart phones, tablets, etc., not only do you get the satisfaction of giving but you also get to maintain the high level of security you had on those corporate Windows PCs and laptops you so lovingly provided employees with over the years.

May 12, 2014

This week we have a somewhat cynical question from Mr. Stephen Blakley of Pasadena, CA:  

Q: “What is the "Target effect" and are retail organizations really getting serious about security?”

Well, Mr. Blakley, the Official Mr. Security Answer Person Dictionary has this definition for that term:

Tar·get  Ef·fect  [tahr-git]  [ih-fekt] noun

April 21, 2014

This week we have a very timely question from Ms. Ashleigh Vandelay, an architect in Flint, MI: 

“Two weeks ago, after reading the scary warnings about the Heartbleed vulnerability, I grabbed all my back issues of The Daily Cryptogram puzzle and some food and water, and headed down into my survival bunker and sealed the door. I’m just about out of Kind bars – the only ones left are the gluten-free honey mustard plus fiber ones that I bought from a few years ago.

Is it safe to come out yet?”

April 16, 2014

Today's question comes from Mr. Richard Fader of Perth Amboy, NJ:

“I use Tumblr to share animated .gifs of barbed wire fences on windy days, and Tumblr just notified me I could now use “two factor” login with text messages to my iPhone, instead of my standby “Password123” password. Twitter, Facebook and Google apps have all done the same thing, but at work I’m still using “Password123” until they make me change it to “Password234” and so on.

What’s up with that – are my barbed wire .gifs actually more of a target for hackers than our corporate systems??”


October 22, 2013

By John Pescatore

One of the security-related topics that has the least actual impact on enterprise security has been getting the most attention from the security press and the security Twitterverse: the Edward Snowden NSA surveillance disclosures. If you made a list of the top 100 risks to any company (or any individual) NSA intercepting their communications would never make the list. 

This outrage over intelligence activities tends to happen in times of relative peace and freedom from local wars or terrorists flying airplanes into buildings. This is actually a good thing, because over-reach by intelligence agencies tends to happen during those same periods. 
